AL2021_02 Microsoft Releases Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086. (09th February 2021)

Description 

Microsoft has published security updates addressing two Critical Remote Code Execution (RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and an important Denial of Service (DoS) vulnerability (CVE-2021-24086).  

Summary 

The Transmission Control Protocol/Internet Protocol (TCP/IP) is a standard Internet communication protocol that establishes and maintains a connection between applications or devices until the completion of data exchange. TCP/IP divides communication tasks into layers that keep the process standardized, which excludes hardware and software providers having to manage themselves. The data packet is passed through four layers before they are received by the destination device, which results in TCP/IP going through the layers in reverse order to resemble the message in it’s original form. 

How it Works. 

Microsoft explains that the “DoS exploits for these CVEs would allow a remote attacker to cause a stop error”. It is highly possible that a user would receive a blue screen on any Windows system that is directly exposed to the internet with minimal network traffic. Thus, the importance of customers applying Windows security updates expeditiously. It was further stated by the tech giants, that the complexity of the two TCP/IP remote code execution (RCE) flaws is tedious when developing functional exploits. But the expectation of attackers creating DoS exploits is much easier, which can see security weaknesses turned into an ideal candidate for exploitation in the wild. 

Solutions 

It is recommended that users install Windows updates to address these vulnerabilities..  

For further information on these vulnerabilities kindly follow the below URL: 

https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/ 

The Guyana National CIRT recommends that users and administrators review this alert and apply it where necessary. 

PDF Download: Microsoft Releases Security Updates.pdf

References 

Microsoft Security Update Guide, Retrieved from Microsoft: https://msrc.microsoft.com/update-guide/releaseNote/2021-Feb 

Microsoft Security Response Center. Retrieved from Microsoft: https://www.theregister.comhttps://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/